/**
 * 
 */
package cn.com.rexen.rplus.sa.controller;

import java.security.NoSuchAlgorithmException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import cn.com.rexen.rplus.controller.ControllerSupport;
import cn.com.rexen.rplus.core.utils.StringUtils;
import cn.com.rexen.rplus.sa.entity.User;
import cn.com.rexen.rplus.sa.model.PassWordVO;
import cn.com.rexen.rplus.sa.service.UserService;

/**
 * @author zhanghai
 * 
 */
@Controller
@RequestMapping(value = ResetPasswordController.REQUEST_PATH)
public class ResetPasswordController extends ControllerSupport {

    private Logger logger = LoggerFactory.getLogger(ResetPasswordController.class);

    /**
     * user模块路径.
     */
    public static final String REQUEST_PATH = "changepw";

    @Autowired
    private UserService userService;

    @RequestMapping(value = "/save", method = RequestMethod.POST, headers = { "Content-type=application/json" })
    @ResponseBody
    public ModelMap changepw(@RequestBody PassWordVO vo, HttpServletResponse response, HttpServletRequest request) {
        ModelMap mm = new ModelMap();
        try {
            SecurityContextImpl securityContextImpl = (SecurityContextImpl) request.getSession().getAttribute(
                    "SPRING_SECURITY_CONTEXT");
            logger.info("Username:" + securityContextImpl.getAuthentication().getName());
            String userid = securityContextImpl.getAuthentication().getName();
            if (StringUtils.isEmpty(userid)) {
                throw new RuntimeException("userid is null.");
            }
            User user = userService.get(User.class, userid);
            String pw = vo.getPw();
            String md5 = null;

            md5 = StringUtils.MD5(pw);
            if (!user.getPassword().equals(md5)) {
                responseError(HttpServletResponse.SC_EXPECTATION_FAILED, "旧密码不正确.", response);//417
            }
            if (!vo.getNpw().equals(vo.getCpw())) {
                responseError(HttpServletResponse.SC_EXPECTATION_FAILED, "新密码与确认新密码不一致.", response);//417
            }
            user.setPassword(StringUtils.MD5(vo.getNpw()));
            userService.saveOrUpdate(user);
        } catch (Exception e) {
            e.printStackTrace();
            responseError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "系统异常.", response);
        }

        mm.addAttribute("msg", "修改成功.");
        mm.addAttribute("success", true);
        return mm;

    }

}
